Vital Stats
Relevant Product Characteristics
- This product is designed specifically with mental/behavioral health professionals in mind.
- The leadership or management behind this product includes at least one mental/behavioral health professional.
What Is This Product?
SimplePractice is a full-featured, web-based practice management tool that offers scheduling, client reminders, payment, treatment plan collaboration, and intake form management, among other things. For a full review of SimplePractice’s features, see Tame Your Practice’s review of SimplePractice. – https://tameyourpractice.com/blog/simplepractice-review
Our Impressions
Very positive. Our technical and compliance-related questions were addressed quickly and thoroughly. We also experienced the company as being highly responsive to our questions and feedback. When you’re working with a company that maintains records for you, the kind of responsiveness that SimplePractice displays is important.
Based on the information gathered in our review, we have no hesitations in recommending SimplePractice as appropriate for your risk management needs.
NOTE:Â SimplePractice has gone through a number of updates since we last reviewed it in depth. Our compliance possible and recommended review outcome of “HIPAA compliance possible? Yes” outcomes are current. Our usage notes have not yet been updated to address the feature additions — so the usage notes are not exhaustive. (1/8/21)
This product offers a free service tier or a free trial account:
We encourage all clinicians interested in this product to try out the free trial or experiment with the free tier to see if it suits your needs.
If you discover anything of concern that isn’t addressed in this review yet, please tell Liath about it at [email protected].
- Click here for the free trial or free service tier information→. Important note about Business Associate Agreements: This product does not seem to offer a Business Associate Agreement for the free trial or free service tier. Do not use client information when testing the product.
This product has also been reviewed by:
- Tame Your Practice: Rob Reinhardt of Tame Your Practice does highly-respected reviews of EHR products. While we review them primarily for risk management appropriateness, Rob reviews them for features and quality. Read Rob’s review of this product→
Caveats
Caveats are criticsms of the company or product that we feel are relevant to your risk management or other important considerations.
None
Notes
Notes cover points where the product can’t ensure compliance or ethical action for you. These help you know what your part of the compliance puzzle looks like when using this product. A high note count usually correlates with a feature-rich product, and not necessarily with a product that has problems.
1) Avoid sending unsecured appointment reminders without proper collaborative risk analysis
SimplePractice offers appointment reminders by email, SMS text message, and automatic voice call.
SimplePractice wisely gives you the ability to have clients opt-in before sending them email or SMS text reminders. Remember, though, that when using conventional email or text messaging, you need to determine if simple opt-in is sufficient for your ethical and legal needs. Read our article on unsecured communications here for some guidance to help you decide what you need to do to around appointment reminders to stay legal and ethical in your practice. It is also covered in Engaging in HIPAA Security and Digital Confidentiality as a Mental Health Professional, Module 4: Using Email, Text, Phone, and Video in a HIPAA-Compliant Manner in detail.
If it turns out that unsecured email or text communications are legally-ethically workable for you, SimplePractice executes a Business Associate Agreement with you, which makes it legal for them to send those emails or texts on your behalf.
2) Be sure you are following simple security measures like using appropriate passwords and computer/device security
SimplePractice has fairly un-complex password requirements, so when setting a password be sure to exceed their suggested minimum complexity.
SimplePractice has a mobile app. This is very useful and convenient, and the app depends on you to keep your phone secure so that the app is secure, too. Our HIPAA Investigation Repellent course covers smartphone security in detail. Our video on how to use the security features of your smartphone is also quite helpful.
3) Lock your progress notes
If you have more than one clinician in your practice who has access to the same clients’ files, lock your client progress notes once you’ve completed them. While SimplePractice tracks some changes to notes, it couldn’t tell you, for example, that Clinician A updated Clinician B’s progress notes on Client Z. Note that only progress notes can be locked. Locking the note will help make sure it remains clear who created and edited the note.
Another way to mitigate the risk of another clinician overwriting or changing progress notes is to be cautious about giving any clinician besides the primary account holder “Administrator Access,” since an Administrator can read and change any non-locked notes.
4) Use your HIPAA-friendly email account to receive reports from SimplePractice
SimplePractice can send some useful reports to your email on a regular basis. While these emails are designed to significantly reduce the identifying information they contain, we recommend that you use your HIPAA-friendly email account (one with a Business Associate Agreement in place) to receive the emails. This may be a belt-and-suspenders approach, but it is very likely that if you are reading this review, then you already have an email account with a Business Associate Agreement. So we recommend you use that one to receive your reports from SimplePractice.